Legal claims defining the scope of protection, as filed with the USPTO.
1. A system for accessing confidential data of a user via a network, the system comprising: a server hosting an application providing selective access by the user to confidential data related to the user; a client interface capable of interfacing with the server via the application; at least one database having the confidential data stored therein, the database in communication with the server; a processor configured to execute the application, wherein the application includes a multi-layer authentication function that causes the server to: request and receive initial authentication data from the user, the initial authentication data comprising wallet data associated with the user, using the initial authentication data, search for confidential data associated with the user in the at least one database, and if confidential data associated with the user is found, transmit to the client interface and present to the user a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete portion of the confidential data associated with the user, and wherein the other selectable options correspond to false options provided in a format similar to the correct option, receive a selection from the user of a selected one of the options, and if the selected one of the options is the correct option, request and receive entry of additional data by the user to complete the incomplete portion of the confidential data associated with the user, and if the additional data correctly completes the confidential data of the user, grant access to the user of the user's confidential data.
2. The system of claim 1 , wherein the incomplete portion of the confidential data is based on non-wallet information.
3. The system of claim 1 , wherein the incomplete portion of the confidential data comprises an incomplete portion of a telephone number associated with the user.
4. The system of claim 3 , further comprising an automated telephone calling system in communication with the server for placing a telephone call to the telephone number associated with the user when the server receives data indicative of the user completing the incomplete telephone number via entry into the client interface.
5. The system of claim 4 , wherein the automated telephone calling system communicates instructions to the user via the telephone call to complete authentication.
6. The system of claim 4 , wherein the automated telephone calling system communicates a PIN via the telephone call to the user for use in authentication via the application.
7. The system of claim 1 , further comprising an automated telephone calling system in communication with the server for placing a telephone call to a telephone number obtained from the confidential data.
8. The system of claim 7 , wherein the automated telephone calling system communicates a PIN via the telephone call to the user for use in authentication via the application.
9. The system of claim 8 , wherein the PIN is randomly generated.
10. The system of claim 8 , wherein the PIN expires after a predetermined time period.
11. The system of claim 1 , wherein the confidential data comprises data from a record selected from the group consisting of a credit record, a tax record, a medical record, a financial record and an insurance record.
12. A method for authenticating an identity of a user seeking access to data related to the user via a client device in communication with a server, the method comprising the steps of: requesting by the server and receiving from the client device initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; using the initial authentication data, searching for confidential data associated with the user in a database associated with the server, and if confidential data is found, sending to the client device a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete portion of the confidential data associated with the user, and wherein the other selectable options correspond to false options provided in a format similar to the correct option; receiving a selection from the user of a selected one of the options, and if the selected one of the options is the correct option; requesting by the server and receiving from the client device additional data entered by the user in an attempt to complete the incomplete; portion of the confidential data associated with the user; determining by the server whether the additional data entered by the user correctly completes the incomplete portion of the confidential data and granting the user access to the data related to the user if the server determines that the additional data entered by the user correctly completes the incomplete portion of the confidential data.
13. The method of claim 12 , wherein the incomplete portion of the confidential data is a partial telephone number associated with the user.
14. The method of claim 12 , wherein the incomplete portion of the confidential data is based on non-wallet information.
15. The method of claim 12 , further comprising the step of: prior to granting the user access to the data, placing a call to a telephone number within the confidential data associated with the user if the server determines that the additional data entered by the user correctly completes the incomplete portion of the confidential data.
16. The method of claim 15 , further comprising the step of: prior to granting the user access to the data, communicating a PIN to be entered by the user into one of either the client device or a device associated with the telephone number.
17. A non-transitory computer-readable medium having computer-executable instructions for performing steps of a server process for authenticating an identity of a user seeking access to confidential data related to the user over a network via a client interface, the steps comprising: requesting and receiving from the client interface initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; using the authentication data, searching for confidential data associated with the user in a database associated with the server, and if confidential data associated with the user is found, sending to the client device a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete portion of the confidential data associated with the user, and wherein the other selectable options correspond to false options provided in a format similar to the correct option; receiving a selection from the user of a selected one of the options, and if the selected one of the options is the correct option; requesting and receiving from the client interface additional data entered by the user in an attempt to complete the incomplete portion of the confidential data associated with the user; determining whether the additional data entered by the user correctly completes the incomplete portion of the confidential data; and granting the user access to the confidential data associated with the user if the additional data entered by the user correctly completes the incomplete portion of the confidential data.
18. The non-transitory computer-readable medium of claim 17 , further comprising the step of: prior to granting the user access to the confidential data, placing a call to a telephone number within the confidential data if the additional data entered by the user correctly completes the incomplete portion of the confidential data.
19. The non-transitory computer-readable medium of claim 18 , further comprising the step of: prior to granting the user access to the confidential data, communicating a PIN to be entered by the user into one of either the client interface or a device associated with the telephone number.
20. A non-transitory computer readable medium having software code for execution on a computer processor, for authenticating an identity of a user seeking access to confidential data related to the user over a network via a client interface, comprising: a first code segment for requesting and receiving from the client interface initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; a second code segment for initiating a search, using the initial authentication data, for confidential data associated with the user in at least one database, a third code segment for sending to the client interface a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete portion of the confidential data associated with the user, and wherein the other selectable options correspond to false options provided in a format similar to the correct option; a fourth code segment for requesting and receiving from the client interface a selection from the user of a selected one of the options; a fifth code segment for determining whether the selected one of the options is the correct option; a sixth code segment for requesting by the server and receiving from the client interface additional data entered by the user to complete the incomplete portion of the confidential data associated with the user; a seventh code segment for determining whether the additional data entered by the user correctly completes the incomplete portion of the confidential data; and an eighth code segment for granting the user access to the confidential data related to the user if the additional data entered by the user correctly completes the incomplete portion of the confidential data.
21. A system for accessing confidential data of a user via a network, the system comprising: a server having a processor and hosting an application providing selective access by the user to confidential data related to the user, the server capable of communication with at least one database having the confidential data stored therein and a client interface via the application; the processor configured to execute the application, wherein the application includes a multi-layer authentication function that causes the server to: request and receive initial authentication data from the user, the initial authentication data comprising wallet data associated with the user, using the initial authentication data, initiate a search for confidential data associated with the user in the at least one database, and if confidential data associated with the user is found, transmit to the client interface and present to the user a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete telephone number associated with the confidential data of the user, and wherein the other selectable options correspond to false options comprising a plurality of randomly generated incomplete telephone numbers provided in a format similar to the transmitted portion of the telephone number associated with the confidential data of the user, receive a selection from the user of a selected one of the options, and if the selected one of the options is the correct option, request and receive entry of additional data by the user to complete the telephone number, and if the additional data correctly completes the telephone number associated with the confidential data of the user, generate and transmit a PIN to the client interface; and an automated telephone calling system in communication with the server for automatically placing a telephone call to a telephone number selected by the user when the processor determines that the additional data correctly completes the telephone number associated with the confidential data of the user, wherein the automated telephone calling system is configured to request and receive entry of the PIN by the user via a client device associated with the telephone call to the user to complete authentication of an identity of the user.
22. A method for authenticating an identity of a user seeking access to data related to the user via a client device in communication with a server, the method comprising the steps of: requesting by the server and receiving from the client device initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; using the initial authentication data, initiating a search for confidential data associated with the user in at least one database associated with the server, and if confidential data associated with the user is found, transmitting to the client device a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete telephone number associated with the confidential data of the user, and wherein the other selectable options correspond to false options comprising a plurality of randomly generated incomplete telephone numbers provided in a format similar to the transmitted portion of the telephone number associated with the confidential data of the user; receiving a selection from the user of a selected one of the options, and if the selected one of the options is the correct option, requesting by the server and receiving from the client device additional data entered by the user to complete the incomplete portion of the confidential data associated with the user; determining by the server whether the additional data entered by the user correctly completes the incomplete portion of the confidential data; automatically placing a telephone call via a processor associated with an automatic telephone calling system to a telephone number selected by the user when the server determines that the additional data correctly completes the telephone number associated with the confidential data of the user; generating and transmitting a PIN to the user via either the server or the automatic telephone calling system; receiving entry of the PIN by the user through the other of either the server or the automatic telephone calling system; determining whether the received PIN matches the PIN transmitted to the user; and if identical, granting the user access to the data related to the user.
23. A non-transitory computer readable medium having software code for execution on a computer processor, for authenticating an identity of a user seeking access to confidential data related to the user over a network via a client interface, comprising: a first code segment for requesting by the server and receiving from the client device initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; a second code segment for initiating a search, using the initial authentication data, for confidential data associated with the user in the at least one database; a third code segment for transmitting to the client device a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete telephone number associated with the confidential data of the user, and wherein the other selectable options correspond to false options comprising a plurality of incomplete telephone numbers provided in a format similar to the transmitted portion of the telephone number associated with the confidential data of the user; a fourth code segment for receiving a selection from the user of a selected one of the options; a fifth code segment for determining if the selected one of the options is the correct option; a sixth code segment for requesting by the server and receiving from the client device additional data entered by the user to complete the incomplete portion of the confidential data associated with the user; a seventh code segment for determining by the server whether the additional data entered by the user correctly completes the incomplete portion of the confidential data; a eighth code segment for automatically placing a telephone call via a processor associated with an automatic telephone calling system to a telephone number selected by the user; a ninth code segment for generating and transmitting a PIN to the user via the server or via the automatic calling system; a tenth code segment for receiving entry of the PIN by the user in either the client device or a device associated with the telephone call; a eleventh code segment for determining whether the received PIN matches the PIN transmitted to the user; and if identical, a twelfth code segment for granting the user access to the confidential data of the user.
Unknown
September 3, 2013
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.